<body>
This tests an isolated script's ability to XHR a blob that is in its security origin, which is not the same as the document's security origin.<br>
We pass if there are no 'Not allowed to load' console errors.
(This will still show one console error as the blob is not available)
<script>
if (!window.testRunner) {
    document.body.appendChild(document.createTextNode("This test requires window.testRunner"));
} else {
    testRunner.dumpAsText();
    // Can't use chrome-extension:// since it's an unknown scheme and
    // will fail validation in content/ land; so pretend that
    // https://cloud-cuckoo-land.google:2112 is a chrome extension origin.
    testRunner.setIsolatedWorldInfo(1, "https://cloud-cuckoo-land.google:2112", null);
    testRunner.evaluateScriptInIsolatedWorld(1, "var xhr = new XMLHttpRequest(); xhr.open('GET', 'blob:https://cloud-cuckoo-land.google:2112/456789', false); xhr.send();");
}
</script>
</body>
